/*
 */
package logistics.auth;

import aptech.eproject.logictics.dao.kien.BookingManagementServiceRemote;
import aptech.eproject.logictics.dao.kien.BranchServiceRemote;
import aptech.eproject.logictics.dao.kien.LoginServiceRemote;
import aptech.eproject.logictics.db.Branch;
import aptech.logictics.Util;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jboss.web.tomcat.security.login.WebAuthentication;

/**
 *
 * @author Kien Nguyen <solidfoxrock at gmail.com>
 */
public class LoginServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.sendRedirect("");
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String userName = (String) request.getParameter("username");
        String password = (String) request.getParameter("password");

        if (userName == null || userName.length() < 1
                || password == null || password.length() < 1) {
            forwardToLoginPage(request, response,
                    "Please provide both username and password to login.");
        } else {
            LoginServiceRemote loginService = Util.lookupLoginService();
            if (loginService.isBlocked(userName)) {
                forwardToLoginPage(request, response, "Your account has been blocked. "
                        + "Please contact Administrator for more information.");
            } else {
                String contextPath = request.getContextPath();
                WebAuthentication w = new WebAuthentication();
                boolean authenticated = w.login(userName, password);

                if (authenticated) {
                    // check bookings for consistence and restart timer agent
                    BookingManagementServiceRemote bookingService = Util.lookupBookingManagementService();
                    bookingService.checkBookings();
                    bookingService.stopAgent();
                    bookingService.startAgent();

                    // get branch information
                    BranchServiceRemote branchService = Util.lookupBranchService();
                    Branch branch = branchService.findBranchByUserName(userName);
                    String branchId = "", branchName = "";
                    if (branch != null) {
                        branchId = "" + branch.getBranchId();
                        branchName = branch.getBranchName();
                    }
                    request.getSession(true).setAttribute("BranchId", branchId);
                    request.getSession(true).setAttribute("BranchName", branchName);

                    // select page to redirect based on role
                    if (request.isUserInRole("Customer")) {
                        response.sendRedirect(response.encodeRedirectURL(contextPath + "/Customer/"));
                    } else if (request.isUserInRole("Employee")) {
                        response.sendRedirect(response.encodeRedirectURL(contextPath + "/Employee/"));
                    } else if (request.isUserInRole("Admin")) {
                        response.sendRedirect(response.encodeRedirectURL(contextPath + "/Admin/"));
                    } else if (request.isUserInRole("Manager")) {
                        response.sendRedirect(response.encodeRedirectURL(contextPath + "/Manager/"));
                    }

                } else {    // if login failed
                    forwardToLoginPage(request, response, "Login Failed. Please try again.");
                }
            }
        }
    }

    private void forwardToLoginPage(HttpServletRequest request, HttpServletResponse response, String msg) throws IOException, ServletException {
        request.setAttribute("statusMessage", msg);
        RequestDispatcher rd = request.getRequestDispatcher(response.encodeRedirectURL("login.jsp"));
        rd.forward(request, response);
    }
}
